package com.neuedu.hcp.config.security;

import com.neuedu.hcp.entity.Staff;

import com.neuedu.hcp.service.IStaffService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/**
 * security配置类
 * @author ZZD
 * @date 2021/4/27 11:51
 */
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private IStaffService staffService;

    @Autowired
    private RestAuthorizationEntryPoint restAuthorizationEntryPoint;

    @Autowired
    private RestfulAccessDeniedHandler restfulAccessDeniedHandler;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService()).passwordEncoder(passwordEncoder());
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers(
                "/login",
                "/logout",
                "css/**",
                "/js/**",
                "/index.html",
                "favicon.ico",
                "/captcha",
                "/hello",
                "/staffList/list",
                "/recovery/planList",
                "/recovery/insert",
                "/steward/planList",
                "/steward/insert",
                "/steward/update",
                "/steward/delete",
                "/distribute/planList",
                "/distribute/update",
                "/distribute/insert",
                "/distribute/delete",
                "/meal/list",
                "/meal/list1",
                "/meal/update",
                "/staff/list",
                "/recovery/in",
                "/recovery/delete",
                "/recovery/update",
                "/staff/stafflist",
                "/staff/delete",
                "/staff/update",
                "/staff/insert",
                "/nursinglevel/levelList",
                "/nursinglevel/delete",
                "/nursinglevel/update",
                "/nursinglevel/insert",
                "/content/contentList",
                "/content/delete",
                "/content/update",
                "/content/insert",
                "/bed/bedList",
                "/bed/delete",
                "/bed/update",
                "/bed/insert",


                "/recovery/update",
                "/staff/list",
                "/patient/planList",
                "/patient/update",
                "/patient/insert",
                "/out-registrate/update",
                "/exit-registrate/update",
                "/exit-registrate/planList",
                "/out-registrate/planList",
                "/out-registrate/insert",
                "/out-registrate/delete",
                "/exit-registrate/delete",
                "/patient/delete",
                "/patient/List",
                "/exit-registrate/insert",
                "/out-registrate/planList"


        );
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf()
            .disable()
            .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .authorizeRequests()
            .anyRequest()
            .authenticated()
            .and()
            .headers()
            .cacheControl();
        http.addFilterBefore(jwtAuthencationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
        http.exceptionHandling()
            .accessDeniedHandler(restfulAccessDeniedHandler)
            .authenticationEntryPoint(restAuthorizationEntryPoint);
    }

    @Override
    public UserDetailsService userDetailsService() {
        return username ->{
            Staff staff = staffService.getStaffByUsername(username);
            if(null!=staff){
                return staff;
            }
            return null;
        };

    }

    @Bean
    public JwtAuthencationTokenFilter jwtAuthencationTokenFilter() {
        return new JwtAuthencationTokenFilter();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}
